IPMediumSignal 73/100
172.105.103.53
Location
CanadaToronto, Ontario
ASN
AS63949
Linode
First Seen
May 13, 2026
Last Seen
May 22, 2026
May 13
First Seen
28d ago
May 22
Last Seen
19d ago
8
Reports
source reports
73%
Confidence
medium
3/91
VirusTotal
detections
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
73%
Signal Score
73 / 100
IDS Rule
No
Threat Context
Tags
Network Information
CountryCanada
CanadaRegionToronto, Ontario
ASNAS63949
OrganizationLinode
Feed Intelligence Summary
8 reports73% confidence
8
Source reports
73%
Confidence score
Category tags
abuseactive scanbad reputationbrute forcebrute force attackercacanadaexploitexploitation activityindicatornetworknorth americaportscanresearchedscannerscannersservice scantpotvulnerability scanvulnerability-exploitationvultr
Activity Timeline
May 22May 22
Threat Activity Heatmap
· Peak: 2026-05-22LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
73
SIGNAL
Signal Score
73%
Confidence
8
Reports
First seenMay 13, 2026
Last seenMay 22, 2026
GeolocationCA
CountryCanada
LocationToronto, Ontario
ASNAS63949
OrgLinode
Coords43.6537, -79.3829
WHOIS
- description
- Score: 99/100. Labels: abuseipdb:brute-force, abuseipdb:critical, abuseipdb:exploited-host, abuseipdb:hacking, abuseipdb:port-scan, abuseipdb:reported. 172.105.103.53 classified as automated brute-force attacker targeting SSH/Telnet credentials (medium confidence). Origin: enriched. Listed on: AbuseIPDB (brute-force, critical, exploited-host).
- raw
- Akamai Technologies, Inc. LINODE-US (NET-172-104-0-0-1) 172.104.0.0 - 172.105.255.255 Linode LINODE (NET-172-104-0-0-2) 172.104.0.0 - 172.105.146.255
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 28 days ago · Last seen 19 days ago
Appeared in 8 threat reports